Postfix, CAfile and Macports

Johannes Kastl mail at
Wed Jan 25 21:19:59 UTC 2017

Hash: SHA1

Hi there,

after Daniel told me the right way to get to the logs, I tried to
setup postfix to forward local mails via a relayhost.

Postfix is installed with +pcre+sasl+smtputf8+tls, so basically
sending via tls and authenticating to the relayhost should work.

But: I can't get postfix to accept the servers certificate, no
matter which smtp_tls_CAfile I set. I tried the one from
curl-ca-bundle, the one from python, I also copied over a working
one from Linux. But postfix seems to ignore it. I always get:

> certificate verification failed for
>[]:25: untrusted issuer
> /C=US/O=Equifax/OU=Equifax Secure Certificate Authority

and later:
... status=deferred (Server certificate not trusted)

I also downloaded the root certificates and tried them, but no
change. I downloaded the certificate chain via openssl, but again:
no change.

Is postfix ignoring the settings because of some OSX specialty? Or
is this some misconfiguration on my side, that is only apprent on
OSX and not on 30+ linux machines running postfix 3.x?

Thanks again,
Version: GnuPG v2
Comment: Using GnuPG with SeaMonkey -


More information about the macports-dev mailing list